Facebook adds Tor network support with official onion address

Facebook is currently experimenting with adding an extra layer of security and anonymity by making its social network available to those using the Tor network.

Facebook’s onion address – https://facebookcorewwwi.onion/ – will connect a user to Facebook’s Core WWW Infrastructure. SSL is used atop the service due in part to what Facebook software engineer Alec Muffett calls architectural considerations – like helping to confirm that the service really is run by Facebook. Do note that the Tor link will only work in Tor-enabled browsers.

In a post on the matter, Muffett said it’s being done to make the experience more consistent with their goals of accessibility and security but as others have suggested, the Tor address is probably targeting overseas users that live in countries where access to Facebook is blocked.

Up to this point, Tor users could visit Facebook but it wasn’t a pleasant experience. As Muffett points out, Tor challenges some of Facebook’s security mechanisms such as where a user is logging in from. To Facebook, the bouncing around of a user’s location could incorrectly indicate that a hacked account is being accessed through a botnet.

Muffett added that they have many ideas and are looking forward to improving the service. One of their medium-term goals, for example, is to support Facebook’s mobile-friendly site via an onion address.

Facebook has been stepping up its security as of late. Last year, the social networking king enabled https by default in addition to implementing Perfect Forward Secrecy and HSTS.